Merge tag 'android-security-10.0.0_r53' into int/10/fp2
Android security 10.0.0 release 53
* tag 'android-security-10.0.0_r53':
Make mIsDeviceLockedForUser synchronized.
Add permission check on onKeyguardVisibilityChanged
Encrypt AES-256 keystore master keys.
Change-Id: I913fedc4146b84a02a92737e4868320be579ab8a
diff --git a/keystore/keystore_keymaster_enforcement.h b/keystore/keystore_keymaster_enforcement.h
index e7515a1..b0dae48 100644
--- a/keystore/keystore_keymaster_enforcement.h
+++ b/keystore/keystore_keymaster_enforcement.h
@@ -86,16 +86,19 @@
}
bool is_device_locked(int32_t userId) const override {
+ std::lock_guard<std::mutex> lock(is_device_locked_for_user_map_lock_);
// If we haven't had a set call for this user yet, assume the device is locked.
if (mIsDeviceLockedForUser.count(userId) == 0) return true;
return mIsDeviceLockedForUser.find(userId)->second;
}
void set_device_locked(bool isLocked, int32_t userId) {
+ std::lock_guard<std::mutex> lock(is_device_locked_for_user_map_lock_);
mIsDeviceLockedForUser[userId] = isLocked;
}
private:
+ mutable std::mutex is_device_locked_for_user_map_lock_;
std::map<int32_t, bool> mIsDeviceLockedForUser;
};